This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/OSQYUaSf3gbMxgKVGaSRUtdNHTA.roa File: OSQYUaSf3gbMxgKVGaSRUtdNHTA.roa (raw, json) Hash identifier: r4nA30trmkd0vBXPfRkmROxsmgpOrH0HeKPaS+ubN0w= Subject key identifier: 39:24:18:51:A4:9F:DE:06:CC:C6:02:95:19:A4:91:52:D7:4D:1D:30 Certificate issuer: /CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec Certificate serial: 019B7F15025D91D0D4BACE866A2972E4C0BD Authority key identifier: 3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/OSQYUaSf3gbMxgKVGaSRUtdNHTA.roa Signing time: Fri 02 Jan 2026 14:20:41 +0000 ROA not before: Fri 02 Jan 2026 14:20:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42580 IP address blocks: 78.29.128.0/18 maxlen: 18 81.20.240.0/20 maxlen: 20 128.65.224.0/19 maxlen: 19 185.218.12.0/22 maxlen: 22 2a0b:c1c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.mft rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:02:5d:91:d0:d4:ba:ce:86:6a:29:72:e4:c0:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec Validity Not Before: Jan 2 14:20:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=39241851a49fde06ccc6029519a49152d74d1d30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:bb:11:38:36:87:6c:43:39:97:23:d4:f7:9f: a1:08:ae:ab:56:64:49:30:78:bd:93:36:4d:96:2e: 81:1c:49:35:72:b6:73:dd:95:62:38:30:28:5a:c8: 24:74:94:1c:1f:43:63:06:0d:e9:83:be:78:52:f6: 09:85:70:cd:a6:d7:e1:42:95:58:5e:d3:84:58:54: bb:cf:8e:0e:85:ef:4a:f3:79:8d:c2:a8:2d:d6:e0: 7b:b2:12:8b:9b:48:4d:8c:ef:6d:27:24:c9:e8:62: 88:e6:18:54:df:20:cf:f4:fe:0c:21:b9:07:15:92: 0e:d5:57:67:47:b0:5c:a1:94:05:d6:78:1a:bb:1f: 5c:44:d2:a2:18:f7:0c:52:0e:b8:8a:e5:64:7b:2c: 8d:3b:39:95:4e:84:41:35:10:16:28:a5:ec:33:c3: 0d:ff:97:b5:cb:25:10:b9:54:30:32:05:ce:7d:f2: bb:56:d8:bb:5c:72:ac:7b:22:fd:a3:f3:36:34:3a: b6:ca:7a:40:be:91:4e:a8:e1:84:7a:52:b5:dd:ac: 3e:e1:a7:a7:56:9d:cb:df:fb:5e:dc:d2:76:e9:46: 57:ae:a7:37:87:5f:bc:85:0f:e0:15:c9:54:5b:3f: 80:c9:67:95:12:94:a1:ec:8a:06:33:7a:d7:07:bc: c0:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:24:18:51:A4:9F:DE:06:CC:C6:02:95:19:A4:91:52:D7:4D:1D:30 X509v3 Authority Key Identifier: keyid:3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/OSQYUaSf3gbMxgKVGaSRUtdNHTA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.29.128.0/18 81.20.240.0/20 128.65.224.0/19 185.218.12.0/22 IPv6: 2a0b:c1c0::/29 Signature Algorithm: sha256WithRSAEncryption 2b:c9:a6:08:70:76:38:d8:2b:20:18:0b:80:b0:56:2e:d0:86: 6a:d9:ca:45:9e:55:78:65:dc:49:d0:f9:51:42:62:fe:f4:77: e7:96:e7:fa:5c:24:ad:9e:1f:9d:7e:66:72:b7:53:23:9a:36: dc:61:9b:64:a5:00:0b:59:9a:1d:91:03:33:c3:13:75:6f:21: dd:43:73:69:7b:b4:44:d5:32:da:70:a9:5b:d9:9e:64:5d:50: 96:a7:81:93:ed:2c:68:4d:62:7f:8f:03:0d:34:15:ac:e4:25: 7b:a2:0d:c3:f6:c4:3d:ff:21:68:05:10:e3:ab:12:93:22:34: ce:71:77:b1:b3:7b:22:62:c6:83:d2:a3:ce:20:2a:92:dc:b8: c0:19:df:c1:11:0d:43:8f:c2:86:87:a9:91:c3:13:1e:17:4c: e1:7a:d5:4f:db:17:26:e4:9c:75:a4:66:b0:3b:2e:45:13:7e: 73:3a:95:04:27:63:e5:df:db:a6:1d:60:0a:d4:dc:2e:e3:f5: 12:d9:dc:2e:19:5a:27:f8:2b:e9:12:2a:aa:56:42:e7:ed:d8: d9:2c:1d:e0:f9:2a:ca:07:9c:19:d1:34:68:d4:ae:18:28:db: 85:66:be:4d:c0:16:31:6c:9b:55:b0:48:e1:41:a4:56:77:ec: d6:28:42:e6 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt/FQJdkdDUus6Gaily5MC9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZWViOWU2OTJiYTllOTNkOGI5NWE2NDg4ZDVjODc1NjA5 ZDRhZWMwHhcNMjYwMTAyMTQyMDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzOTI0MTg1MWE0OWZkZTA2Y2NjNjAyOTUxOWE0OTE1MmQ3NGQxZDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bsRODaHbEM5lyPU95+hCK6rVmRJ MHi9kzZNli6BHEk1crZz3ZViODAoWsgkdJQcH0NjBg3pg754UvYJhXDNptfhQpVY XtOEWFS7z44Ohe9K83mNwqgt1uB7shKLm0hNjO9tJyTJ6GKI5hhU3yDP9P4MIbkH FZIO1VdnR7BcoZQF1ngaux9cRNKiGPcMUg64iuVkeyyNOzmVToRBNRAWKKXsM8MN /5e1yyUQuVQwMgXOffK7Vti7XHKseyL9o/M2NDq2ynpAvpFOqOGEelK13aw+4aen Vp3L3/te3NJ26UZXrqc3h1+8hQ/gFclUWz+AyWeVEpSh7IoGM3rXB7zAGwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFDkkGFGkn94GzMYClRmkkVLXTR0wMB8GA1UdIwQY MBaAFDruueaSup6T2LlaZIjVyHVgnUrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTkt NTAzM2Y4ZDc5YmU3LzEvT1NRWVVhU2YzZ2JNeGdLVkdhU1JVdGROSFRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTktNTAzM2Y4ZDc5YmU3 LzEvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTh2AAwQE URTwAwQFgEHgAwQCudoMMA0EAgACMAcDBQMqC8HAMA0GCSqGSIb3DQEBCwUAA4IB AQAryaYIcHY42CsgGAuAsFYu0IZq2cpFnlV4ZdxJ0PlRQmL+9Hfnluf6XCStnh+d fmZyt1MjmjbcYZtkpQALWZodkQMzwxN1byHdQ3Npe7RE1TLacKlb2Z5kXVCWp4GT 7SxoTWJ/jwMNNBWs5CV7og3D9sQ9/yFoBRDjqxKTIjTOcXexs3siYsaD0qPOICqS 3LjAGd/BEQ1Dj8KGh6mRwxMeF0zhetVP2xcm5Jx1pGawOy5FE35zOpUEJ2Pl39um HWAK1Nwu4/US2dwuGVon+CvpEiqqVkLn7djZLB3g+SrKB5wZ0TRo1K4YKNuFZr5N wBYxbJtVsEjhQaRWd+zWKELm -----END CERTIFICATE-----Generated at Sun Jan 25 22:50:36 2026 by rpki-client